Use allow_early_data_cb from SSL instead of SSL_CTX
authorraja-ashok <rashok.svks@gmail.com>
Sun, 28 Jul 2019 07:53:00 +0000 (13:23 +0530)
committerPauli <paul.dale@oracle.com>
Thu, 1 Aug 2019 01:38:52 +0000 (11:38 +1000)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9471)

ssl/statem/extensions.c

index 4941da3..7c17593 100644 (file)
@@ -1645,9 +1645,9 @@ static int final_early_data(SSL *s, unsigned int context, int sent)
             || s->early_data_state != SSL_EARLY_DATA_ACCEPTING
             || !s->ext.early_data_ok
             || s->hello_retry_request != SSL_HRR_NONE
-            || (s->ctx->allow_early_data_cb != NULL
-                && !s->ctx->allow_early_data_cb(s,
-                                         s->ctx->allow_early_data_cb_data))) {
+            || (s->allow_early_data_cb != NULL
+                && !s->allow_early_data_cb(s,
+                                         s->allow_early_data_cb_data))) {
         s->ext.early_data = SSL_EARLY_DATA_REJECTED;
     } else {
         s->ext.early_data = SSL_EARLY_DATA_ACCEPTED;